Curriculum
- 14 Sections
- 56 Lessons
- 10 Weeks
Expand all sectionsCollapse all sections
- PHASE 1: FOUNDATIONS - AWS SOLUTIONS ARCHITECT CORE (Weeks 1-4)Goal: Build architectural understanding that security will protect0
- Week 1: Cloud Computing & AWS Fundamentals5
- Week 2: Core AWS Services & Compute5
- Week 3: Storage & Databases5
- Week 4: Networking Essentials (CRITICAL FOUNDATION)6
- 5.1Module 4.1: VPC Fundamentals (CIDR, Subnets, Route Tables)
- 5.2Module 4.2: Internet Connectivity (IGW, NAT Gateway)
- 5.3Module 4.3: Hybrid Connectivity (VPN, Direct Connect)
- 5.4Module 4.4: DNS Management (Route 53)
- 5.5Hands-on Project: Designing and implementing a production-ready VPC with public/private subnets
- 5.6End of Phase 1 Assessment: AWS SAA Practice Exam + Architecture Design Review
- PHASE 2: CORE CLOUD SECURITY ENGINEERING (Weeks 5-9)Goal: Deep dive into AWS security services and practices0
- Week 5: Identity & Access Management (IAM) Mastery5
- 7.1Module 5.1: IAM Advanced (Policies, Conditions, Permission Boundaries)
- 7.2Module 5.2: AWS Organizations & Service Control Policies (SCPs)
- 7.3Module 5.3: AWS SSO & Identity Center
- 7.4Module 5.4: Cross-Account Access & Role Assumption
- 7.5Hands-on Lab: Implementing least privilege access with permission boundaries and SCPs
- Week 6: Network Security & Infrastructure Protection5
- 8.1Module 6.1: Security Groups vs NACLs – Deep Dive
- 8.2Module 6.2: VPC Advanced Security (Flow Logs, VPC Endpoints, PrivateLink)
- 8.3Module 6.3: Network Firewall & Gateway Load Balancer
- 8.4Module 6.4: WAF & Shield (DDoS Protection)
- 8.5Hands-on Lab: Securing VPC with NACLs, Security Groups, and implementing WAF rules
- Week 7: Data Protection & Encryption5
- 9.1Module 7.1: AWS KMS Deep Dive (CMKs, Key Policies, Envelope Encryption)
- 9.2Module 7.2: Secrets Management (Secrets Manager, Parameter Store)
- 9.3Module 7.3: S3 Security (Bucket Policies, ACLs, Encryption Options)
- 9.4Module 7.4: Database Encryption (RDS, DynamoDB)
- 9.5Hands-on Lab: Implementing end-to-end encryption for application data
- Week 8: Detective Controls & Monitoring5
- 10.1Module 8.1: CloudTrail Configuration & Best Practices
- 10.2Module 8.2: CloudWatch Logs & Metrics for Security
- 10.3Module 8.3: GuardDuty (Threat Detection)
- 10.4Module 8.4: Security Hub & Config (Compliance Monitoring)
- 10.5Hands-on Lab: Building centralized logging solution with automated threat detection
- Week 9: Incident Response & Forensics5
- PHASE 3: ADVANCED SECURITY & DEVSECOPS (Weeks 10-12)Goal: Integrate security into modern cloud operations0
- Week 10: Secure Architecture & Compliance5
- 13.1Module 10.1: AWS Well-Architected Framework – Security Pillar
- 13.2Module 10.2: Compliance Frameworks (SOC 2, PCI-DSS, HIPAA)
- 13.3Module 10.3: AWS Audit Manager & Artifact
- 13.4Module 10.4: Designing Secure Multi-Account Strategies (Landing Zone, Control Tower)
- 13.5Hands-on Lab: Conducting Well-Architected Framework review
- Week 11: Infrastructure as Code Security (DevSecOps)5
- 14.1Module 11.1: CloudFormation & Terraform Security Best Practices
- 14.2Module 11.2: CI/CD Pipeline Security (CodePipeline, CodeBuild)
- 14.3Module 11.3: Security Testing in Pipeline (SAST/DAST, Secret Scanning)
- 14.4Module 11.4: Container Security (ECR, EKS Security)
- 14.5Hands-on Lab: Building secure CI/CD pipeline with integrated security checks